From: "Alexey V. Neyman" <avn@any.ru> To: Anton Vladimirov <admin128@mail.ru> Cc: <security@FreeBSD.ORG> Subject: Re: ftp vulnerability Message-ID: <Pine.BSF.4.33.0104111346370.56094-100000@srv2.any> In-Reply-To: <15739596567.20010411131004@mail.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
Good day, Anton! When this hole was patched, libc was also corrected, so you'll need to update it too. The least painful way will be CVSup, IMHO. # Alexey On Wed, 11 Apr 2001, Anton Vladimirov wrote: >Hello security, > > I run FreeBSD 4.0-RELEASE with all security patches applied. > Could anyone clearly explain how to fix the recent > ftpd hole for this version? > > I downloaded the sources of ftpd from the 4.2-CURRENT > release, but how to install it? > > I do the following: >============================================= >bash-2.03# make depend >yacc -o ftpcmd.c ftpcmd.y >yacc: w - the symbol ext_arg is undefined >rm -f .depend >mkdep -f .depend -a -DSETPROCTITLE -DSKEY -DLOGIN_CAP -DVIRTUAL_HOSTING -DINET6 -I/usr/src/libexec/ftpd -Dmain=ls_main -I/usr/src/libexec/c >cd /usr/src/libexec/ftpd; make _EXTRADEPEND >echo ftpd: /usr/lib/libc.a /usr/lib/libskey.a /usr/lib/libmd.a /usr/lib/libcrypt.a /usr/lib/libutil.a /usr/lib/libpam.a >> .depend >bash-2.03# make >Warning: Object directory not changed from original /usr/src/libexec/ftpd >cc -O -pipe -DSETPROCTITLE -DSKEY -DLOGIN_CAP -DVIRTUAL_HOSTING -Wall -DINET6 -I/usr/src/libexec/ftpd -Dmain=ls_main -I/usr/src/libexec/ftpd/c >ftpd.c: In function `send_file_list': >ftpd.c:2673: `GLOB_MAXPATH' undeclared (first use in this function) >ftpd.c:2673: (Each undeclared identifier is reported only once >ftpd.c:2673: for each function it appears in.) >ftpd.c:2662: warning: variable `dout' might be clobbered by `longjmp' or `vfork' >ftpd.c:2663: warning: variable `dirlist' might be clobbered by `longjmp' or `vfork' >ftpd.c:2664: warning: variable `simple' might be clobbered by `longjmp' or `vfork' >ftpd.c:2665: warning: variable `freeglob' might be clobbered by `longjmp' or `vfork' >*** Error code 1 > >Stop in /usr/src/libexec/ftpd. >================================================== > >Where am I mistaken? > > >-- >Best regards, > Anton mailto:admin128@mail.ru > > > >To Unsubscribe: send mail to majordomo@FreeBSD.org >with "unsubscribe freebsd-security" in the body of the message > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.33.0104111346370.56094-100000>